Exam AZ-700 topic 2 question 29 discussion

Correct Answer : 4 1. GatewaySubnet 2. Subnet 2 3. Subnet 1 with Basic SKU for Public IP 4. NAT Gatway requires in VNET 1 and hence 4. Otherwise you could have used Subnet2 to avoid creating 4th Subnet. Requirement is to create NAT GW in VNET1 so you need 4th Subnet. https://learn.microsoft.com/en-us/azure/virtual-network/nat-gateway/nat-overview Check out - NAT gateway and basic SKU resources section

The correct answer is 4. 1. The Gateway Subnet must exist on its own. 2. As per this link https://learn.microsoft.com/en-us/azure/virtual-network/nat-gateway/nat-overview#nat-gateway-and-basic-sku-resources Basic resources, such as basic load balancer or basic public IPs aren't compatible with Virtual Network NAT. Basic resources must be placed on a subnet not associated to a NAT gateway. 3. The question also states that VM1 and VM2 will access the internet by using their respective public IP address. From the same link above we have the statement: NAT gateway takes precedence over other outbound scenarios (including Load balancer and instance-level public IP addresses) and replaces the default Internet destination of a subnet. So to meet that requirement, we would need a 4th subnet where the NAT gateway is deployed.

GatewaySubnet 2 Subnet 2 Subnet 1

Azure virtual network NAT doesn't require a subnet, it's rather associated to a subnet, as many have pointed out. It supports multiple public IPs and can be associated to all subnets in a VNET. https://learn.microsoft.com/en-us/azure/nat-gateway/nat-overview There are no subnets required but we can stick to what is already there, that is 3. This is another non-sense Microsoft question. Please stop posting stuff that is creating just a lot of confusion, read the Microsoft documentation if you are not sure.

To deploy an Azure Virtual Network NAT gateway named Gateway1 while meeting the requirements and minimizing administrative effort, you need to ensure the correct network setup. Given the information: VM1 and VM2 will access the internet using their public IP addresses. You have Vnet1 with Subnet1 and a GatewaySubnet. You need to deploy Gateway1 to Vnet1. The minimum number of subnets required on Vnet1 is 2: Subnet1: This is where VM1 is connected. GatewaySubnet: This is required for deploying the NAT gateway. Therefore, the minimum number of subnets required is 2.

We dont need a subnet for NAT gateway so subnet 1 subnet 2 and gw subnet >> 3 subnets so ans is B

We dont need a subnet for NAT gateway so subnet 1 subnet 2 and gw subnet >> 3 subnets so ans is C

NAT gateway does not need a subnet to deploy it. But it need to be associated with subnet to which it needs to provide NATing. So answer is 3.

Only 3 subnets 1. Subnet 1 has an Basic SKU public IP address and the NAT gateway isn't compatible to deploy it in the subnet1 2. GatewaySubnet -- Reserved for VPN GW 3. An additional subnet to deploy the NAT Gateway

I have created a virtual network with 2 subnets (one is deploying a VM and one is using Subnet Gateway). The NAT Gateway can be created into a subnet deploying a VM, so I think the answer is 3

According to ChatGPT the answer is 4. Yes, in Azure, a NAT (Network Address Translation) gateway typically requires its own subnet. When you deploy a NAT gateway in Azure, it is associated with a specific subnet in a virtual network. This subnet is referred to as the NAT gateway subnet.

B seems to be the right answer, because NAT GW doesn't need a dedicated subnet. Rather it can be attached to existing subnets for workload to use it.

As per details I think Subnet2 not hosted in Vnet1

4: Least admin effort requires no changes to existing subnets or VMs, just add a subnet for the NAT Gateway to apply to. This also means the existing VMs keep their use of their PIPs and the GateWaySubnet is unchanged.

Just to deploy the NAT gateway, we do not need to assign it to any subnet at time of creation. So no extra subnet required just to deploy NAT gateway

NAT Gateway requires in VNET 1 and hence 4. Otherwise you could have used Subnet2 to avoid creating 4th Subnet. Requirement is to create NAT GW in VNET1 so you need 4th Subnet. Reference: https://learn.microsoft.com/en-us/azure/virtual-network/nat-gateway/nat-overview

Answer seems to be 4 subnets. 1. Subnet1 for VM1 2. Subnet2 for VM2 - you can't associate the NAT gateway with this subnet as the requirement says VM2 needs to use its public IP address. NAT gateway takes precedence over other outbound connectivity methods, including Load balancer, instance-level public IP addresses, and Azure Firewall. 3. Subnet 3 for GatewaySubnet 4. Subnet 4 for NAT Gateway - NAT gateway doesn't need a delegated subnet but you associate it with subnet for the LBs and VMs outbound connectivity. Also, one of the requirements is to deploy NAT gateway. https://learn.microsoft.com/en-us/azure/nat-gateway/nat-overview